Multi-Branch CI/CD Pipeline using CDK Pipelines.

Overview

Using AWS CDK Pipelines and AWS Lambda for multi-branch pipeline management and infrastructure deployment.

This project shows how to use the AWS CDK Pipelines module to follow a Gitflow development model using AWS CDK. Software development teams often follow a strict branching strategy during the development lifecycle of a solution. It is common for newly created branches to need their own isolated copy of infrastructure resources in order to develop new features.

CDK Pipelines is a construct library module for painless continuous delivery of AWS CDK applications. CDK Pipelines are self-updating: if you add application stages or stacks, the pipeline automatically reconfigures itself to deploy those new stages and/or stacks.

The following solution creates a new AWS CDK Pipeline within a development account for every new branch created in the source repository (AWS CodeCommit). When a branch is deleted, the pipeline and all related resources are destroyed from the account as well. This GitFlow model for infrastructure provisioning allows developers to work independently from each other, concurrently, even in the same stack of the application.

Overview of the solution

Architecture diagram

Prerequisites

Before setting up this project, you should have the following prerequisites:

  • An AWS account
  • AWS CDK installed
  • Python3 installed

Initial setup

Create a new AWS CodeCommit repository in the AWS Account and region where you want to deploy the pipeline and upload the source code from this repository. In the config.ini file, change the repository_name and region variables accordingly.

Make sure to set up a fresh python environment. Install the dependencies:

pip install -r requirements.txt

Run the initial-deploy.sh script to bootstrap the development and production environments and to deploy the default pipeline. You’ll be asked to provide the following parameters: (1) Development account ID, (2) Development account AWS profile name (3) Production account ID, (4) Production account AWS profile name.

sh ./initial-deploy.sh --dev_account_id <YOUR DEV ACCOUNT ID> -- dev_profile_name <YOUR DEV PROFILE NAME> --prod_account_id <YOUR PRODUCTION ACCOUNT ID> --prod_profile_name <YOUR PRODUCTION PROFILE NAME>

How to use

Lambda S3 trigger project from AWS CDK Samples is used as infrastructure resources to demonstrate this solution. The content is placed inside the src directory and is deployed by the pipeline. Replace the content of this repository with your infrastructure code. Use CDK Constructs to combine your infrastructure code into one stack and reference this in the application stage inside src/application_stage.py.

Create a feature branch

On your machine’s local copy of the repository, create a new feature branch using the git commands below. Replace user-feature-123 with a unique name for your feature branch. Note: this feature branch name must comply with the AWS CodePipeline naming restrictions for it will be used to name a unique pipeline later in this walkthrough.

# Create the feature branch
git checkout -b user-feature-123
git push origin user-feature-123

The first AWS Lambda function will deploy the CodeBuild project which then deployes the feature pipeline. This can take a few minutes. You can log into the AWS Console and see the CodeBuild project running under AWS CodeBuild. After the build is successfully finished, you can see the deployed feature pipeline under AWS CodePipelines.

Destroy a feature branch

There are two common ways for removing feature branches. The first one is related to a pull request, also known as a “PR”, which occurs when merging a feature branch back into the default branch. Once it is merged, the feature branch will be automatically closed. The second way is to delete the feature branch explicitly by running the below git commands.

# delete branch local
git branch -d user-feature-123

# delete branch remote
git push origin --delete user-feature-123

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.

Comments
  • Cdk v2 migration

    Cdk v2 migration

    Description of changes:

    • Migrated current CDK code to CDK V2
    • Added CDK NAG checks

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by iriskraja77 0
  • update lambda python version to 3.9

    update lambda python version to 3.9

    Issue #, if available:

    Description of changes:

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by bauerjan93 0
  • add block_public_access and encryption

    add block_public_access and encryption

    Issue #, if available:

    Description of changes:

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by bauerjan93 0
  • add NOTICE

    add NOTICE

    Issue #, if available:

    Description of changes:

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by bauerjan93 0
  • add changelog

    add changelog

    Issue #, if available:

    Description of changes:

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by bauerjan93 0
  • Added IAM:PassRole to the CreateBranch and DeleteBranch functions to …

    Added IAM:PassRole to the CreateBranch and DeleteBranch functions to …

    …fix an issue with build/delete on branch

    Issue #, if available: Not tracked yet, but was receiving the following:

    [ERROR] 2022-08-28T23:50:47.300Z e2b85c4b-0586-4f82-a7fa-ec4d9a6fe72a An error occurred (AccessDeniedException) when calling the CreateProject operation: User: arn:aws:sts::XX:assumed-role/cdk-pipelines-multi-branc-IAMPipelineLambdaCreateB-ZSTRO2FYNUZ8/LambdaTriggerCreateBranch is not authorized to perform: iam:PassRole on resource: arn:aws:iam::XX:role/cdk-pipelines-multi-branc-IAMPipelineCodeBuildExec-YJBU17LTTQ0G because no identity-based policy allows the iam:PassRole action

    Description of changes:

    • Added grant_pass_role() to both the create_branch_role and delete_branch_role

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Yes

    opened by troydieter 1
  • WIP: Add automated PR approval

    WIP: Add automated PR approval

    Issue #, if available:

    Description of changes:

    This PR adds the ability to have automated PR approvals (optional). The way this is implemented is be creating a per-branch Approval Template which requires approval from a dedicated role (per-branch as well).

    At the moment there is one caveat as the PR approval is not automatically created when the PR is created for the first time (it is on the next commit/push to the corresponding branch).

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by yoanisgil 0
Owner
AWS Samples
AWS Samples
Cdk-python-crud-app - CDK Python CRUD App

Welcome to your CDK Python project! You should explore the contents of this proj

Shapon Sheikh 1 Jan 12, 2022
This solution helps you deploy Data Lake Infrastructure on AWS using CDK Pipelines.

CDK Pipelines for Data Lake Infrastructure Deployment This solution helps you deploy data lake infrastructure on AWS using CDK Pipelines. This is base

AWS Samples 66 Nov 23, 2022
Deploy a STAC API and a dynamic mosaic tiler API using AWS CDK.

Earth Observation API Deploy a STAC API and a dynamic mosaic tiler API using AWS CDK.

Development Seed 39 Oct 30, 2022
Project template for using aws-cdk, Chalice and React in concert, including RDS Postgresql and AWS Cognito

What is This? This repository is an opinonated project template for using aws-cdk, Chalice and React in concert. Where aws-cdk and Chalice are in Pyth

Rasmus Jones 4 Nov 7, 2022
AWS Blog post code for running feature-extraction on images using AWS Batch and Cloud Development Kit (CDK).

Batch processing with AWS Batch and CDK Welcome This repository demostrates provisioning the necessary infrastructure for running a job on AWS Batch u

AWS Samples 7 Oct 18, 2022
Recommended AWS CDK project structure for Python applications

Recommended AWS CDK project structure for Python applications The project implements a user management backend component that uses Amazon API Gateway,

AWS Samples 110 Jan 6, 2023
Criando Lambda Functions para Ingerir Dados de APIs com AWS CDK

LIVE001 - AWS Lambda para Ingerir Dados de APIs Fazer o deploy de uma função lambda com infraestrutura como código Lambda vai numa API externa e extra

Andre Sionek 12 Nov 20, 2022
Create CDK projects with projen

The Projenator: I'll be back! Description This is a CDKv2 project that takes the grind out of setting up new cdk projects/implementations by using aut

Andrew 2 Dec 11, 2021
This repository contains code written in the AWS Cloud Development Kit (CDK)

This repository contains code written in the AWS Cloud Development Kit (CDK) which launches infrastructure across two different regions to demonstrate using AWS AppSync in a multi-region setup.

AWS Samples 5 Jun 3, 2022
This is a repository for the Duke University Cloud Computing course project on Serveless Data Engineering Pipeline. For this project, I recreated the below pipeline.

AWS Data Engineering Pipeline This is a repository for the Duke University Cloud Computing course project on Serverless Data Engineering Pipeline. For

null 15 Jul 28, 2021
Step by Step Guide To Install Discord Py Master Branch on Replit

Guide to Install Discord Py Master Branch on Replit Step 1 Create an empty repl on replit Step 2 Add this Basic Code to the file main.py so as to chec

Pranav Saxena 7 Nov 18, 2022
DevSecOps pipeline for Python based web app using Jenkins, Ansible, AWS, and open-source security tools and checks.

DevSecOps pipeline for Python Web App A Jenkins end-to-end DevSecOps pipeline for Python web application, hosted on AWS Ubuntu 20.04 Note: This projec

Devanshu Vashishtha 4 Aug 15, 2022
Implement backup and recovery with AWS Backup across your AWS Organizations using a CI/CD pipeline (AWS CodePipeline).

Backup and Recovery with AWS Backup This repository provides you with a management and deployment solution for implementing Backup and Recovery with A

AWS Samples 8 Nov 22, 2022
Complete portable pipeline for masking of Aadhaar Number adhering to Govt. Privacy Guidelines.

Aadhaar Number Masking Pipeline Implementation of a complete pipeline that masks the Aadhaar Number in given images to adhere to Govt. of India's Priv

null 1 Nov 6, 2021
A multi-tenant multi-client scalable product categorising demo stack

Better Categories 4All: A multi-tenant multi-client product categorising stack The steps to reproduce training and inference are in the end of this fi

null 7 Feb 15, 2022
Track to Detect and Segment: An Online Multi-Object Tracker (CVPR 2021)

Track to Detect and Segment: An Online Multi-Object Tracker (CVPR 2021) Track to Detect and Segment: An Online Multi-Object Tracker Jialian Wu, Jiale

Jialian Wu 520 Dec 31, 2022
Reverse engineering multi-device WhatsApp Web.

whatsapp-web-multi-device-reveng In this repository, the research for reverse engineering multi-device WhatsApp Web takes place, see here for a descri

null 84 Jan 1, 2023
EzilaX Music ❤ is the best and only Telegram VC player with playlists, Multi Playback, Channel play and more POWERD By SDBOTs

EzilaX-Music ?? A bot that can play music on Telegram Group and Channel Voice Chats Available on telegram as @EzilaXMBot Features ?? Thumbnail Support

Sadew Jayasekara 9 Oct 24, 2021
nuub-bot is a multi-purpose designed and developed in python3

nuub-bot About Nuub-Bot is an open source, fully customizable Discord bot that is constantly growing. You can invite it to your Discord server using t

Baneet Parmar 8 Jun 28, 2022